• Archived

Post-installation return codes for Mozilla Firefox application.

I am deploying Mozilla Firefox using Intune. The application is deployed no problem but there is always the error in Intune portal. I was told that Mozilla Firefox has c… (read more)

I am deploying Mozilla Firefox using Intune. The application is deployed no problem but there is always the error in Intune portal. I was told that Mozilla Firefox has custom return codes to indicate post-installation behavior. That is why though the application itself is installed and works properly on the device, Intune portal does not know the status of the installation and gives the error. This error causes a lot of issues to the further application management. Dose any one knows what those codes are? Or maybe can point into the correct direction on how to get them. Thank you.

Asked by max.plokhuta 1 year ago

Last reply by Mike Kaply 1 year ago

  • Archived

Preventing access to about: pages, specifically about:logins

Hi, I've been tasked to make some changes to the way users deal with logins and passwords in the office. So, in short, one of the issues is this: is there ANY way to dis… (read more)

Hi,

I've been tasked to make some changes to the way users deal with logins and passwords in the office. So, in short, one of the issues is this: is there ANY way to disable (I'd say "hide" is more accurate) the about:logins page on Firefox?

  • pref.privacy.disable_button.view_passwords (with a lock pref) in autoconfig only disables the "View saved logins" button in Settings.

As for policies:

  • a few policies for blocking about: pages do exist - BlockAboutAddons/Config/Profiles/Support, but can't find one, say, "BlockAboutLogins" or something like that.
  • PasswordManagerEnabled set to false disables the password manager completely, including about:logins, password autofill is disabled as well - not what I need.
  • WebsiteFilter, as expected, doesn't treat about: as a protocol, so it can't be done there either.


Any help is appreciated. Thanks in advance!

Asked by slavev16 1 year ago

Last reply by cor-el 1 year ago

  • Archived

Content doesn't fit Firefox window on Linux via VNC

Steps: Open Linux server via VNC Open Firefox Search the term "test" Issue: The google result page doesn't fit into the window and has a horizontal scrollba… (read more)

Steps:

  • Open Linux server via VNC
  • Open Firefox
  • Search the term "test"

Issue:

  • The google result page doesn't fit into the window and has a horizontal scrollbar to see content on the right hand side

Note: I need my website to fit into browser properly at 100%(default) zoom itself for the purpose of automation because changing zoom level via selenium automation to press ctrl and minus 3 times causes unexpected behavior like even though value is filled in a textbox, it doesn't get sent in the API request payload. (Python 3.4.3, Selenium 3.12.0, GeckoDriver 0.31.0)

Versions:

  • Ubuntu 14.04.6
  • Firefox 91.13.0ESR
  • VNC: Tight VNC Viewer 2.8.63 OR Real VNC Viewer 6.22.515

Asked by smita.v.patankar 1 year ago

Last reply by cor-el 1 year ago

  • Archived

Looking for End Of Life (EOL) dates

We have about 35 versions of firefox running across the enterprise (38 to 91) and I have been tasked to update the EOL dates for all versions we have to help bring things… (read more)

We have about 35 versions of firefox running across the enterprise (38 to 91) and I have been tasked to update the EOL dates for all versions we have to help bring things up to speed and know what is/is not supported.

I found this page with release dates (https://www.mozilla.org/en-US/firefox/releases/) but nothing about when a version has reached it's EOL. Any help would be appreciated.

Asked by david.burrows 1 year ago

Last reply by James 1 year ago

  • Archived

OCSP validation failing.

Hi, Background: a few months ago I had to redeploy the CA for a network I manage. I was able to do so and publish the new intermediate CA's cert via Active Directory. Sin… (read more)

Hi, Background: a few months ago I had to redeploy the CA for a network I manage. I was able to do so and publish the new intermediate CA's cert via Active Directory. Since then, I've updated certs on webhosts with certs from the new CA. Whenever a user uses FF (version 91.12.0) to browse to a site with the newly signed cert, I get an error stating "sec_error_ocsp_old". I've been able to temporarily advise users to disable OCSP Validation in FF security settings, but I'd REALLY like to fix this.

Other browsers (Edge, Chrome, Opera) all load the sites without issue.

Using this the below article, I double checked the time settings on the CA, Webserver, and clients: https://support.mozilla.org/en-US/kb/troubleshoot-time-errors-secure-websites

All the machines/VMs in question show the same time source, time, time zone, and sync interval.

I'm at a loss for what is happening. Any help would be greatly appreciated.

Asked by kaz.szydlo 1 year ago

Last reply by Mike Kaply 1 year ago

  • Archived

Unable to configure the firefox policy for Proxy in Intune

OMA-URI: ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/Proxy Value (string): <enabled/> <data id="ProxyLocked" value="true | false"/> <data i… (read more)

OMA-URI:

./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/Proxy Value (string):

<enabled/> <data id="ProxyLocked" value="true | false"/> <data id="ConnectionType" value="none | system | manual | autoDetect | autoConfig"/> <data id="HTTPProxy" value="https://httpproxy.example.com"/> <data id="UseHTTPProxyForAllProtocols" value="true | false"/> <data id="SSLProxy" value="https://sslproxy.example.com"/> <data id="FTPProxy" value="https://ftpproxy.example.com"/> <data id="SOCKSProxy" value="https://socksproxy.example.com"/> <data id="SOCKSVersion" value="4 | 5"/> <data id="AutoConfigURL" value="URL_TO_AUTOCONFIG"/> <data id="Passthrough" value="<local>" >="" <data="" <="" p=""></data>


This has mixure of String and Integer , when we configure as string and use one from the above or leaving blank or setting only string , it failed the policy with error - -2016281112

Asked by kamal.manoranjith 1 year ago

Last reply by Mike Kaply 1 year ago

  • Solved
  • Archived

Firefox Window Closes Unexpectedly

Environment: Version: 102.3.0esr Build ID: 20220912135840 OS: Windows_NT 10.0 19044 Issue: I had Firefox window 1 opened in virtual desktop 1, then I switched t… (read more)

Environment:

  • Version: 102.3.0esr
  • Build ID: 20220912135840
  • OS: Windows_NT 10.0 19044

Issue: I had Firefox window 1 opened in virtual desktop 1, then I switched to virtual desktop 2 and open Firefox window 2 there. After using window 2 for some time, I switched back to virtual desktop 1 and found Firefox window 1 was gone. I checked `about:support` page but found no crash report there. I don't know what's going wrong.

Asked by yzhaocl1024 1 year ago

Answered by yzhaocl1024 1 year ago

  • Solved
  • Archived

about:preferences " What should Firefox do with other files?" change with mozialla.cfg / How can I control this setting using mozilla.cfg?

From my point of view, the setting " What should Firefox do with other files?" has been added in the current ESR version. "What should Firefox do with other files?" ("Wi… (read more)

From my point of view, the setting " What should Firefox do with other files?" has been added in the current ESR version.

"What should Firefox do with other files?" ("Wie soll Firefox mit anderen Dateien verfahren?") . "Save files" ("Dateien speichern") . "Ask whether to open or save files" ("Fragen, ob Dateien geöffnet oder gespeichert werden sollen")


How can I control/change this setting using mozilla.cfg?


By the way:

// What should Firefox do with other files? - Wie soll Firefox mit anderen Dateien verfahren? lockPref("applications-ask-before-handling", false);

// What should Firefox do with other files? - Wie soll Firefox mit anderen Dateien verfahren? lockPref("applications-ask-before-handling", true);

works detectably via about:config but does not change the setting for "What should Firefox do with other files?".

Asked by bzam 1 year ago

Answered by bzam 1 year ago

  • Solved
  • Archived

Disable "show in download folder"

I have a need to use regular browser (not kiosk), but disable the "open downloads folder" once a file has been downloaded. This is opening a file manager (thunar or alike… (read more)

I have a need to use regular browser (not kiosk), but disable the "open downloads folder" once a file has been downloaded. This is opening a file manager (thunar or alike) which then allows the user to browse the filesystem and open a terminal emulator from /usr/bin.

Using the policies, I am able to prompt for downloads, or select a download location, however I have been unable to completely stop the user from opening the download folder which opens a file browser.

Is there any way I can select policies or profile options for disabling the option for opening download folder?

Asked by Freddog 1 year ago

Answered by Terry 1 year ago

  • Archived

How to configure "What Firefox should do with other files" with policies.json

Hi, I deployed the last Firefox ESR update and I just found about this new feature : https://support.mozilla.org/en-US/kb/manage-downloads-preferences-using-downloa… (read more)

Hi,

I deployed the last Firefox ESR update and I just found about this new feature : https://support.mozilla.org/en-US/kb/manage-downloads-preferences-using-downloads-menu

So files are now downloaded and users are no longer prompted for what to do. My question is can we change this to "Ask whether to open or save files" using policies.json?

Kind regards,

McB

Asked by loic.hemat 1 year ago

Last reply by cor-el 1 year ago

  • Archived

Local update server for both "Rapid release" and ESR channels

Hi, trying to setup local update server for Firefox, and I hit on a problem: Was testing on my PC which has for multiple reasons "normal" Firefox and get to the point wh… (read more)

Hi, trying to setup local update server for Firefox, and I hit on a problem:

Was testing on my PC which has for multiple reasons "normal" Firefox and get to the point where updates from local server are working, but then tried to test the PC where the ESR version is installed - was expecting the update will not be found, and I would download the MAR files for ESR, edit the update.xml.... but the ESR Firefox found and downloaded the "normal" update, but of course could not install it.

Is there a way to set in XML file that one update is only for ESR and another for Rapid release version of Firefox? How to setup local update server for both channels simultaneously?

Another minor question - is there a simple way how to get buildID for/from downloaded prebuild MAR file? Without it the in the XML file update process don't work correctly and only place I found it so far is in source code for that build.

Thanks.

Asked by Andrej Mrázik 1 year ago

Last reply by Andrej Mrázik 1 year ago

  • Archived

Extension Management GPO has a limit of 2048 characters

I'm trying to configure the "Extension Management" policy for firefox in my company. We have 14 addons to manage. using JSON this will end to a line of about 2500 chara… (read more)

I'm trying to configure the "Extension Management" policy for firefox in my company. We have 14 addons to manage. using JSON this will end to a line of about 2500 characters.

when I try to copy the code into the gpo I get a message telling me the limit is 2048 characters.

Is there a way to baypass this limitation ?


thank you

Asked by kalimera555 1 year ago

Last reply by Mike Kaply 1 year ago

  • Solved
  • Archived

Issue Policy ExtensionSettings - Lang pack

Hello, I'm trying to deploy Firefox with several languages. I followed the guide on [https://support.mozilla.org/en-US/kb/deploying-firefox-language-packs]. Everything… (read more)

Hello,

I'm trying to deploy Firefox with several languages.

I followed the guide on [https://support.mozilla.org/en-US/kb/deploying-firefox-language-packs].

Everything work fine until I set up ExtensionSettings policy. This policy hide and block languages menu.

After scratching my head for a while, I finally figured out how to do it. I would to like to know if an easier way to whitelist all locales and dictionaries. I would like to only control the extensions.

<enabled/> <data id="ExtensionSettings" value=' {

 "*": {
   "blocked_install_message": "Blocked by your administrator.",
   "installation_mode": "blocked",
   "allowed_types": ["extensions", "dictionary", "locale"]
 },
 "uBlock0@raymondhill.net": {
   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"
 },

"qwantcomforfirefox@jetpack": {

   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/file/3658805/latest.xpi"

}, "langpack-en-CA@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-en-GB@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-en-US@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-es-AR@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-es-CL@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-es-ES@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-es-MX@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-fr@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-pt-BR@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-pt-PT@firefox.mozilla.org": {

 "installation_mode": "allowed"

} }'/>

Thank you

Asked by yann.yong 1 year ago

Answered by Mike Kaply 1 year ago

  • Archived

Background Update

Nessus, Qualys, IBM Big Fix security scans constantly pick up firefox vulnerabilities. What we find is that either users have deleted the Firefox background update task o… (read more)

Nessus, Qualys, IBM Big Fix security scans constantly pick up firefox vulnerabilities. What we find is that either users have deleted the Firefox background update task or on servers, it never gets put onto the task scheduler. All other browsers have a channel update in the GPO files that ensure they are kept up to date and never show up in our scans. When will firefox put out similar channel GPOs and quit relying on the differently named task that we can't put into a group policy task scheduler, but constantly find firefox vulnerabilities from users that have deleted it so that group policy does not take effect.

Asked by bruce92 1 year ago

Last reply by bruce92 1 year ago

  • Archived

Prefs.js file is generated in random userprofile path, need to overwrite it dynamically

Need way to overwrite prefs.js with corporate standard for kiosk like environment. Either need way to have firefox install in standard path within each user profile or h… (read more)

Need way to overwrite prefs.js with corporate standard for kiosk like environment. Either need way to have firefox install in standard path within each user profile or have firefox insert file from source. Advice ? thanks.

Asked by jon.dickens 1 year ago

Last reply by jon.dickens 1 year ago

  • Archived

Corresponding GPO for the Windows SSO in Settings?

Is there a corresponding GPO for this setting? I have been unable to find it and searching hasn't yielded much help. I'm on 102 ESR with up to date admx files. This wou… (read more)

Is there a corresponding GPO for this setting? I have been unable to find it and searching hasn't yielded much help.

I'm on 102 ESR with up to date admx files. This would be super helpful!


Thanks!

Asked by TurkeyG 1 year ago

Last reply by Mike Kaply 1 year ago

  • Archived

Disable creation of private browsing shortcut

Im working on a deployment package for Mozilla Firefox 106.0.1 when launching Firefox on a brand new user it automatically creates a shortuct for private browsing. Im loo… (read more)

Im working on a deployment package for Mozilla Firefox 106.0.1 when launching Firefox on a brand new user it automatically creates a shortuct for private browsing. Im looking for a way to disable this as the package im creating is an appv package and this new shortcut installs in users profile, so it won't be uninstalled. I have searched google but cant find any hits.

We have the following for customization: Application directory\defaults\pref: localsettings.js with these settings: pref("general.config.obscure_value", 0); // only needed if you do not want to obscure the content with ROT-13 pref("general.config.filename", "mozilla.cfg");

Application directory\mozilla.cfg with these settings: // Don't show WhatsNew on first run after every update pref("browser.startup.homepage_override.mstone","ignore");

// Don't show 'know your rights' on first run pref("browser.rights.3.shown", true);

// Disable Policy Notice on First Run pref("toolkit.telemetry.reportingpolicy.firstRun", false);

// Disable checkDefaultBrowser lockPref("browser.shell.checkDefaultBrowser", false);

Application directory\distribution\policies.json with the following settings: {

 "policies": {
   "DisableAppUpdate": true,

"DontCheckDefaultBrowser": true } }

Asked by Max J 1 year ago

Last reply by Mike Kaply 1 year ago